Hola!, entre al tema Guía de detección y eliminacion de Malwares 2020 ya que estoy teniendo inconvenientes de ese tipo, pero al querer instalar Malwarebytes me sale lo siguiente
Muchas gracias de antemano!
Hola!, entre al tema Guía de detección y eliminacion de Malwares 2020 ya que estoy teniendo inconvenientes de ese tipo, pero al querer instalar Malwarebytes me sale lo siguiente
Muchas gracias de antemano!
Hola @Jimena_Pedraza
Intenta de la siguiente manera:
1.- Descarga tu escritorio las siguientes herramientas:
(Renombrada bajo el nombre de “iExplore.exe”) para evitar el bloqueo de los malwares. Una vez que esta fue ejecutada, es importante no reiniciar el sistema hasta que se le solicite.
2.- Recién aquí vuelves a intentar descargar y ejecutar Malwarebytes de la siguiente manera:
Cualquier error vuelves y lo comentas.
Salu2
Hola @SanMar!, descargué Rkill, pero al abrirlo ocurrió lo siguiente
Hola @Jimena_Pedraza
Antes de abrirlo recordaste cambiarle el nombre a IExplorer? Lo ejecutaste como Administrador (Botón derecho sobre el archivo >>>> Ejecutar como Adminis…)
Prueba en Modo Seguro con Red.
Nos comentas.
Salu2
Le cambié el nombre y lo abrí en modo seguro, pero sigue igual
Hola @Jimena_Pedraza
OK, intenta lo siguiente:
Si no puedes en Modo Normal, lo intentas en Modo Seguro.
1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.
2.- Descarga Farbar Recovery Scan Tool. en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de su equipo. >> Como saber si mi Windows es de 32 o 64 bits.?
Guía: Como Ejecutar FRST
3.- En tu próxima respuesta, pega los reportes generados.
Guía : ¿Como Pegar reportes en el Foro?
Esperamos esos reporte.
Nota: Si aun te da problemas ejecutar FRST, dime cual es tu Sistema Operativo?, y si tienes acceso a otro equipo limpio y a un USB
Salu2
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 30-04-2020
Ejecutado por Pedraza (02-05-2020 01:39:50)
Ejecutado desde C:\Users\Pedraza\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2015-06-30 01:41:09)
Modo de Inicio: Safe Mode (with Networking)
==========================================================
==================== Cuentas: =============================
Administrador (S-1-5-21-1634448849-352997038-3322466404-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-1634448849-352997038-3322466404-1002 - Limited - Enabled)
Invitado (S-1-5-21-1634448849-352997038-3322466404-501 - Limited - Disabled)
Pedraza (S-1-5-21-1634448849-352997038-3322466404-1000 - Administrator - Enabled) => C:\Users\Pedraza
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\uTorrent) (Version: 3.5.5.45341 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 26 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 18.5.3059 - AVG Technologies)
CCleaner (HKLM\...\CCleaner) (Version: 5.66 - Piriform)
Corel Shell Extension - 64Bit (HKLM\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF011}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 12 (HKLM-x32\...\{505AFDC0-5E72-4928-8368-5DEA385E3647}) (Version: 12.0.0.458 - Corel Corporation)
CorelDRAW Graphics Suite X4 - Capture (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF012}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Content (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF016}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Draw (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF013}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Filters (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF017}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - FontNav (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF019}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics SUite X4 - ICA (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF010}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - IPM (HKLM-x32\...\{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang ES (HKLM-x32\...\{D2827848-7D2A-4547-9AD1-C965FB3E6344}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - PP (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF014}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - VBA (HKLM-x32\...\{BF439B41-0252-48DE-8B8B-0430CB26A181}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 (HKLM-x32\...\{44A27085-0616-4181-A0C3-81C7ECA17F73}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (HKLM-x32\...\_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}) (Version: - Corel Corporation)
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (HKLM-x32\...\{CE2DA11A-917F-4CF5-AB55-755EC115DD10}) (Version: 1.0 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 (HKLM-x32\...\_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}) (Version: - Corel Corporation)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
Estudio para la mejora del producto HP DeskJet 3700 series (HKLM\...\{98C57830-7924-4B6E-BA66-DDA606052B42}) (Version: 40.1.1032.61591 - HP Inc.)
FileLab Plugin 1.1.33 (HKLM-x32\...\{6AC5F630-9453-433D-90FF-BB3A8E4F8960}) (Version: 1.1.33 - FileLab)
Flash Movie Player 1.5 (HKLM-x32\...\Flash Movie Player) (Version: 1.5 - Eolsoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.186 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
HP DeskJet 3700 series Software básico del dispositivo (HKLM\...\{18791BF1-4D0C-449A-90D0-89DCFD4EE256}) (Version: 40.1.1032.61591 - HP Inc.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Los Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.50.56 - Electronic Arts)
Los Sims™ 3 Movida en la facultad (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.8 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version: - Microsoft)
Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version: - Microsoft)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version: - Microsoft)
Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version: - Microsoft)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.)
The Sims 2 Ultimate Collection versión 1.17.0.66 (HKLM-x32\...\The Sims 2 Ultimate Collection_is1) (Version: 1.17.0.66 - EA Games)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 4.8.0 - Tweaking.com)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ningún archivo
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ningún archivo
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ningún archivo
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ningún archivo
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-02-24] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Lista blanca) ====================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [Archivo no firmado]
HKLM\...\Drivers32: [vidc.tscc] => C:\Windows\SysWOW64\tsccvid.dll [411480 2010-03-04] (TechSmith Corporation -> TechSmith Corporation)
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
==================== Accesos directos & WMI ========================
==================== Módulos cargados (Lista blanca) =============
==================== Alternate Data Streams (Lista blanca) ========
==================== Modo Seguro (Lista blanca) ==================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0001 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0002 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0003 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0004 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0005 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0006 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0007 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0008 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0009 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0010 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0011 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0012 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0013 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0014 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0015 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0016 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0017 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0018 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0019 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0020 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0021 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0022 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0023 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0024 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0025 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0026 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0027 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0028 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0029 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0030 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0031 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0032 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0033 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0034 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0035 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0036 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0037 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0038 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0039 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0040 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0041 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0042 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0043 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0044 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0045 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0046 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0047 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0048 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0049 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0050 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0051 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0052 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0053 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0054 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0055 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0056 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0057 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0058 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0059 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0060 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0061 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0062 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0063 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0064 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0065 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0066 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0067 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0068 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0069 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0070 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0071 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0072 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0073 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0074 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0075 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0076 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0077 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0078 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0079 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0080 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0081 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0082 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0083 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0084 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0085 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0086 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0087 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0088 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0089 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0090 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0091 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0092 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0093 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0094 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0095 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0096 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0097 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0098 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0099 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0100 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0001 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0002 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0003 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0004 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0005 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0006 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0007 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0008 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0009 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0010 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0011 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0012 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0013 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0014 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0015 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0016 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0017 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0018 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0019 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0020 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0001 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0002 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0003 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0004 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0005 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0006 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0007 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0008 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0009 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0010 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0011 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0012 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0013 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0014 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0015 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0016 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0017 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0018 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0019 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0020 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0021 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0022 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0023 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0024 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0025 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0026 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0027 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0028 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0029 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0030 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0031 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0032 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0033 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0034 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0035 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0036 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0037 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0038 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0039 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0040 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0041 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0042 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0043 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0044 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0045 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0046 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0047 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0048 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0049 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0050 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0051 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0052 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0053 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0054 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0055 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0056 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0057 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0058 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0059 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0060 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0061 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0062 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0063 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0064 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0065 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0066 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0067 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0068 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0069 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0070 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0071 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0072 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0073 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0074 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0075 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0076 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0077 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0078 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0079 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0080 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0081 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0082 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0083 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0084 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0085 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0086 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0087 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0088 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0089 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0090 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0091 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0092 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0093 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0094 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0095 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0096 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0097 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0098 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0099 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0100 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0001 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0002 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0003 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0004 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0005 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0006 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0007 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0008 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0009 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0010 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0011 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0012 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0013 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0014 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0015 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0016 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0017 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0018 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0019 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0020 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
==================== Asociación (Lista blanca) =================
==================== Internet Explorer sitios de confianza/restringidos ==========
==================== Hosts contenido: =========================
(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)
2009-07-13 23:34 - 2008-02-28 00:38 - 000000855 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Otras Áreas ===========================
(Actualmente no existe una corrección automática para esta sección.)
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Pedraza\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==
(Si una entrada es incluida en el fixlist, será eliminada.)
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\startupreg: uTorrent => "C:\Users\Pedraza\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
==================== Reglas de firewall (Lista blanca) ================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
FirewallRules: [TCP Query User{4E299A70-2655-4F79-9B8D-2083A5FDEAC6}C:\program files (x86)\microsoft office\office12\groove.exe] => (Block) C:\program files (x86)\microsoft office\office12\groove.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{F9538EF1-1E86-4120-8FFD-F07F7E93CB50}C:\program files (x86)\microsoft office\office12\groove.exe] => (Block) C:\program files (x86)\microsoft office\office12\groove.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Puntos de Restauración =========================
30-04-2020 15:04:15 Instalado The Sims 3
30-04-2020 17:24:37 Instalado The Sims 3
30-04-2020 17:44:23 Instalado TheSims3EP9
01-05-2020 01:00:21 Windows Update
01-05-2020 13:23:11 Windows Update
==================== Dispositivos defectuosos en el Administrador de dispositivos ============
Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Controladora de host USB estándar)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.
Name: Adaptador ISATAP de Microsoft
Description: Adaptador ISATAP de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Adaptador ISATAP de Microsoft #2
Description: Adaptador ISATAP de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: avgVmm
Description: avgVmm
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: avgVmm
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Errores del registro de eventos: ========================
No se pudo iniciar el servicio de registro de eventos, no se pudieron leer los eventos.
El servicio de Registro de eventos de Windows est� inici�ndose.
El servicio de Registro de eventos de Windows no ha podido iniciarse.
Error de sistema.
Error de sistema 1899.
No se pudo crear la entrada de la base de datos del asignador de extremo.
==================== Información de la memoria ===========================
BIOS: Dell Inc. A08 02/28/2008
Placa base: Dell Inc. 0KU184
Procesador: Intel(R) Core(TM)2 Duo CPU T7500 @ 2.20GHz
Porcentaje de memoria en uso: 85%
RAM física total: 2037.97 MB
RAM física disponible: 296.95 MB
Virtual total: 4075.95 MB
Virtual disponible: 2357.94 MB
==================== Unidades ================================
Drive c: () (Fixed) (Total:148.95 GB) (Free:15.03 GB) NTFS
Drive d: (Sims3EP09) (CDROM) (Total:3.31 GB) (Free:0 GB) CDFS
\\?\Volume{e660c6c5-1ec6-11e5-8bc8-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Tabla de particiones ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: BC5B9E56)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)
==================== Final de Addition.txt =======================
Hola @Jimena_Pedraza
Falta uno de los reportes que debes tener en tu escritorio llamado FRST.txt.
Salu2
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 30-04-2020
Ejecutado por Pedraza (administrador) sobre PEDRAZA-PC (Dell Inc. Latitude D630) (02-05-2020 01:36:34)
Ejecutado desde C:\Users\Pedraza\Downloads
Perfiles cargados: Pedraza (Perfiles disponibles: Pedraza)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Español (España, internacional)
Internet Explorer Versión 11 (Navegador predeterminado: Chrome)
Modo de Inicio: Safe Mode (with Networking)
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [291568 2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [27775672 2020-04-27] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\Run: [uTorrent] => C:\Users\Pedraza\AppData\Roaming\uTorrent\updates\3.5.5_45628.exe [2072816 2008-02-28] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\MountPoints2: E - E:\Autorun.exe
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\MountPoints2: G - G:\RunGame.exe
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\MountPoints2: H - H:\RunGame.exe
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\MountPoints2: {9bfb48d0-e43d-11e7-8e5f-001c233e7c8b} - F:\Autorun.exe
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\MountPoints2: {d9857b39-e63b-11e7-8e51-001c233e7c8b} - H:\RunGame.exe
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\MountPoints2: {e7d0555d-e4d3-11e7-890a-001c233e7c8b} - E:\Autorun.exe
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\MountPoints2: {e7d05578-e4d3-11e7-890a-001c233e7c8b} - G:\RunGame.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.186\Installer\chrmstp.exe [2018-02-23] (Google Inc -> Google Inc.)
==================== Tareas programadas (Lista blanca) ============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {0A383F70-723D-4EEC-A95C-92DC5F337546} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1634448849-352997038-3322466404-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2012-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {0B9A18D0-AED5-4D31-A161-3683D1CBCE36} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-16] (Google Inc -> Google Inc.)
Task: {478FF4D3-19D5-45F8-9453-83AA27A96570} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {516C3E37-D303-4C31-BD9E-74DB56539454} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-07-18] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {646B4E5E-0CC5-4E08-9CAE-1B4F234618B3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {6F9BAFE8-B5E3-4E21-B5CF-07AADA272801} - System32\Tasks\avastBCLRestart_chrome.exe => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {753C47AE-EC5E-44B3-95A9-2C8E553F0E39} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => C:\Program Files\Windows Media Player\wmpnscfg.exe
Task: {930DC825-72F9-463C-A6CD-7B78B6177216} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-16] (Google Inc -> Google Inc.)
Task: {95D8BF6C-93ED-4A78-9A7D-8400B1D3FC35} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {ED9CCFF8-4794-44D9-9179-96651745B9D7} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
Task: C:\Windows\Tasks\Adobe Acrobat Update Task.job => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: C:\Windows\Tasks\AdobeAAMUpdater-1.0-Pedraza-PC-Pedraza.job => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\Windows\Tasks\AdobeGCInvoker-1.0-Pedraza-PC-Pedraza.job => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\Pedraza\Desktop\adwcleaner_7.4.1.exe
Task: C:\Windows\Tasks\Antivirus Emergency Update.job => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
Task: C:\Windows\Tasks\AVG EUpdate Task.job => C:\Program Files (x86)\AVG\Setup\avgsetupx.exe
Task: C:\Windows\Tasks\AVGPCTuneUp_Task_BkGndMaintenance.job => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: C:\Windows\Tasks\CCleaner Update.job => C:\Program Files\CCleaner\CCUpdate.exe
Task: C:\Windows\Tasks\HPCustPartic.exe_{2B87B18C-41DB-43E5-B822-6907397BF58F}.job => C:\Program Files\HP\HP DeskJet 3700 series\Bin\HPCustPartic.exe
Task: C:\Windows\Tasks\Tweaking.com - Windows Repair Tray Icon.job => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)Tweaking.com - Windows Repair)Created By Tweaking.com
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Ningún archivo
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Ningún archivo
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Ningún archivo
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Ningún archivo
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{706D681B-FBF2-4C06-8D84-A624C4453F51}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF Plugin-x32: @ASC/FileLabPlugin;version=1.1.33 -> C:\ProgramData\FileLab\Plugin\Framework\npFlPluginS.dll [2012-02-20] (Ascensio System SIA -> FileLab) [Archivo no firmado]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-05-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-05-28] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR Profile: C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default [2019-10-15]
CHR Extension: (Documentos) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-30]
CHR Extension: (Google Drive) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-30]
CHR Extension: (YouTube) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-30]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-06-05]
CHR Extension: (Hojas de cálculo) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-30]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-05-01]
CHR Extension: (Avast Online Security) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-17]
CHR Extension: (AVG SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2019-09-05]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-04-30]
CHR Extension: (Gmail) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-20]
CHR Profile: C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-10-15]
CHR StartupUrls: Profile 1 -> "hxxps://www.google.com/"
CHR Extension: (AdBlock) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-13]
CHR Extension: (Avast Online Security) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-04-05]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Chrome Media Router) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-06]
CHR Profile: C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\System Profile [2019-10-01]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [323512 2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
S3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7829784 2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
S2 BitDefenderCOM; C:\Program Files\BDServices\BitDefenderCom.exe [1028096 2016-12-12] (Digital Care Solutions) [Archivo no firmado]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd -> Disc Soft Ltd)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
S1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [189544 2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
S1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdrivera.sys [222288 2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
S0 avgbidsh; C:\Windows\System32\drivers\avgbidsha.sys [194224 2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
S0 avgblog; C:\Windows\System32\drivers\avgbloga.sys [339048 2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
S0 avgbuniv; C:\Windows\System32\drivers\avgbuniva.sys [51952 2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\Windows\System32\drivers\avgHwid.sys [39352 2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
S2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [152016 2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [104256 2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
S0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [78352 2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
S1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [1020112 2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
S1 avgSP; C:\Windows\System32\drivers\avgSP.sys [455464 2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
S2 avgStm; C:\Windows\System32\drivers\avgStm.sys [203544 2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
S0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [373944 2008-02-28] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [120416 2018-01-12] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2017-12-18] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtultrascsibus; C:\Windows\System32\DRIVERS\dtultrascsibus.sys [30264 2016-05-19] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtultrausbbus; C:\Windows\System32\DRIVERS\dtultrausbbus.sys [47672 2016-05-19] (Disc Soft Ltd -> Disc Soft Ltd)
S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [416768 2009-06-10] (Microsoft Windows -> Realtek Semiconductor Corporation )
S3 SrvHsfHDA; C:\Windows\System32\DRIVERS\VSTAZL6.SYS [292864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
S3 SrvHsfV92; C:\Windows\System32\DRIVERS\VSTDPV6.SYS [1485312 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
S3 SrvHsfWinac; C:\Windows\System32\DRIVERS\VSTCNXT6.SYS [740864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [213088 2018-01-12] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [485512 2016-12-12] (Bitdefender SRL -> BitDefender S.R.L.)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
U0 aswVmm; no ImagePath
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) ===================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-05-02 01:36 - 2020-05-02 01:38 - 000016769 _____ C:\Users\Pedraza\Downloads\FRST.txt
2020-05-02 01:30 - 2020-05-02 01:31 - 000102498 _____ C:\Windows\ntbtlog.txt
2020-05-02 01:26 - 2020-05-02 01:37 - 000000000 ___DC C:\FRST
2020-05-02 01:23 - 2020-05-02 01:23 - 002283520 _____ (Farbar) C:\Users\Pedraza\Downloads\FRST64.exe
2020-05-01 20:11 - 2020-05-01 20:12 - 000000000 ____D C:\Program Files (x86)\GUM9A9C.tmp
2020-05-01 20:00 - 2020-05-01 20:00 - 000002253 _____ C:\Users\Pedraza\Desktop\Google Chrome.lnk
2020-05-01 00:44 - 2020-05-01 00:44 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-05-01 00:44 - 2020-05-01 00:44 - 000000822 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-05-01 00:42 - 2020-05-01 00:43 - 025308096 _____ (Piriform Software Ltd) C:\Users\Pedraza\Downloads\ccsetup566.exe
2020-05-01 00:24 - 2020-05-01 00:24 - 000120456 _____ C:\Windows\system32\GDIPFONTCACHEV1.DAT
2020-05-01 00:04 - 2008-02-28 03:55 - 000120456 _____ C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2020-04-30 18:00 - 2020-04-30 18:00 - 000002310 _____ C:\Users\Public\Desktop\Los Sims™ 3 Movida en la facultad.lnk
2020-04-30 18:00 - 2020-04-30 18:00 - 000002310 _____ C:\ProgramData\Desktop\Los Sims™ 3 Movida en la facultad.lnk
2020-04-30 15:53 - 2019-12-30 23:40 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-04-30 15:53 - 2019-12-30 23:32 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-04-30 15:47 - 2020-04-30 15:47 - 000002086 _____ C:\Users\Public\Desktop\Los Sims™ 3.lnk
2020-04-30 15:47 - 2020-04-30 15:47 - 000002086 _____ C:\ProgramData\Desktop\Los Sims™ 3.lnk
2020-04-30 15:07 - 2020-04-30 17:46 - 000000000 ____D C:\Program Files (x86)\Electronic Arts
2020-04-30 12:17 - 2008-02-28 01:07 - 000000718 _____ C:\Users\Pedraza\Desktop\Rkill.txt
2020-04-30 12:16 - 2020-04-30 12:17 - 001943800 _____ (Bleeping Computer, LLC) C:\Users\Pedraza\Desktop\IExplore.exe.exe
2020-04-29 21:56 - 2020-04-29 21:56 - 000000000 ___DC C:\RegBackup
2020-04-29 20:26 - 2020-04-29 20:27 - 001980016 _____ (Malwarebytes) C:\Users\Pedraza\Downloads\MBSetup.exe
2020-04-29 20:22 - 2020-04-29 20:22 - 000002159 _____ C:\Users\Pedraza\Desktop\Tweaking.com - Windows Repair.lnk
2020-04-29 20:22 - 2020-04-29 20:22 - 000000574 _____ C:\Windows\Tasks\Tweaking.com - Windows Repair Tray Icon.job
2020-04-29 20:22 - 2020-04-29 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2020-04-29 20:16 - 2020-04-29 20:21 - 038869320 _____ (Tweaking.com) C:\Users\Pedraza\Downloads\tweaking.com_windows_repair_aio_setup (1).exe
2020-04-29 20:08 - 2020-04-29 20:09 - 000000000 ____D C:\Program Files (x86)\GUM7EC.tmp
2020-04-29 12:47 - 2008-02-28 03:55 - 000000000 ____D C:\Users\Pedraza\AppData\LocalLow\uTorrent
2020-04-29 00:05 - 2020-04-29 00:06 - 000029019 _____ C:\Users\Pedraza\Downloads\The-Sims-3-[MULTI20]-(Torrent).torrent
2020-04-28 17:48 - 2020-04-28 19:03 - 1749594592 _____ (Acresso Software Inc.) C:\Users\Pedraza\Downloads\TS3_1.67.2.0240xx_update.exe
2020-04-28 13:27 - 2020-04-28 16:03 - 000000000 ____D C:\Users\Pedraza\Downloads\The Sims 3 University Life [MULTI20][PCDVD][Expansion][FLT][WwW.GamesTorrents.CoM]
2020-04-28 13:25 - 2020-04-28 13:25 - 000053153 _____ C:\Users\Pedraza\Downloads\The-Sims-3-University-Life-[MULTI20][Expansion][FLT]-(Torrent).torrent
2020-04-24 16:25 - 2020-04-24 16:25 - 000000326 _____ C:\Windows\Tasks\HPCustPartic.exe_{2B87B18C-41DB-43E5-B822-6907397BF58F}.job
2020-04-24 16:17 - 2020-04-24 16:17 - 000000000 ____D C:\ProgramData\Visan
2020-04-24 16:16 - 2020-04-29 20:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2020-04-24 16:16 - 2016-02-21 08:39 - 000840336 ____N (HP Inc.) C:\Windows\system32\HPDiscoPM0653.dll
2020-04-24 16:15 - 2020-04-24 16:15 - 000000000 ____D C:\Program Files\HP
2020-04-24 16:03 - 2020-04-29 20:11 - 000000000 ____D C:\Program Files (x86)\HP
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-05-02 01:36 - 2010-11-21 04:09 - 000698590 _____ C:\Windows\system32\perfh00A.dat
2020-05-02 01:36 - 2010-11-21 04:09 - 000141138 _____ C:\Windows\system32\perfc00A.dat
2020-05-02 01:36 - 2009-07-14 02:13 - 001584486 _____ C:\Windows\system32\PerfStringBackup.INI
2020-05-02 01:36 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
2020-05-02 01:28 - 2019-09-17 12:18 - 003145728 _____ C:\Users\Pedraza\ntuser.man
2020-05-02 01:22 - 2009-07-14 01:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-05-02 01:22 - 2009-07-14 01:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-05-01 23:52 - 2017-12-21 07:52 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2020-05-01 01:09 - 2015-12-18 02:59 - 001533432 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2020-05-01 00:45 - 2019-10-15 20:44 - 000000300 ____H C:\Windows\Tasks\CCleaner Update.job
2020-04-30 18:00 - 2009-07-14 02:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2020-04-30 12:30 - 2015-06-29 23:09 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-04-29 22:28 - 2009-07-13 23:34 - 000000855 _____ C:\Windows\system32\Drivers\etc\hosts_bak_951
2020-04-29 20:28 - 2019-09-17 21:13 - 000000000 ____D C:\Program Files\Malwarebytes
2020-04-29 20:14 - 2017-12-19 16:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2020-04-29 20:12 - 2017-06-17 15:49 - 000000000 ____D C:\ProgramData\HP
2020-04-29 20:11 - 2016-05-08 16:13 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-04-29 19:43 - 2016-05-23 16:31 - 000000382 ____C C:\DelFix.txt
2020-04-29 18:33 - 2009-07-13 23:34 - 000000855 _____ C:\Windows\system32\Drivers\etc\hosts_bak_140
2020-04-29 17:47 - 2015-07-12 13:59 - 000000000 ____D C:\Windows\Minidump
2020-04-29 17:31 - 2019-10-01 20:12 - 000000288 _____ C:\Windows\Tasks\AdwCleaner_onReboot.job
2020-04-29 16:59 - 2008-02-28 00:06 - 1716912128 ____R C:\Users\Pedraza\Downloads\rld-sim3.iso
2020-04-29 13:47 - 2009-07-13 23:34 - 000000855 _____ C:\Windows\system32\Drivers\etc\hosts_bak_424
2020-04-28 00:12 - 2019-09-18 17:36 - 000000000 ____D C:\Users\Pedraza\Downloads\Sims 3
2020-04-28 00:02 - 2017-11-21 15:07 - 000000000 ____D C:\Users\Pedraza\Desktop\Diseño Gráfico
==================== Archivos en la raíz de algunos directorios ========
2016-06-02 13:10 - 2019-05-14 19:34 - 000000033 ____R () C:\Users\Pedraza\AppData\Roaming\AdobeWLCMCache.dat
2020-02-22 04:48 - 2020-04-21 16:08 - 000000132 ____R () C:\Users\Pedraza\AppData\Roaming\Prefs. de formato PNG de Adobe CC
2016-01-05 21:00 - 2016-02-21 16:33 - 000009216 ____R () C:\Users\Pedraza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-12 15:01 - 2015-08-12 15:01 - 000000000 ____R () C:\Users\Pedraza\AppData\Local\{124D4E24-BFA9-4A41-A096-B6F6B426E767}
2015-08-14 23:17 - 2015-08-14 23:17 - 000000000 ____R () C:\Users\Pedraza\AppData\Local\{8152E4D6-FFDB-47BF-9AB5-48B81B353353}
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
LastRegBack: 2016-03-11 04:18
==================== Final de FRST.txt ========================
Hola @Jimena_Pedraza
Existe un gran bloqueo en tu ordenador…
Con mucha atención vas a realizar lo siguiente:
Paso 1:
Vas a descargar desde el siguiente enlace la Herramienta especifica de desinstalación de:
Las ejecutas una a una en lo posible desde Modo Seguro, deberás reiniciar luego de cada una.
Paso 2:
Desinstala con Revo Uninstaller en su Modo Avanzado:
Reinicias luego de las dos desinstalaciones.
Paso 3:
Elimina las extensiones de tu navegador Google Chrome que mas abajo te detallo de la siguiente manera:
Paso 4:
Ejecutaste FRST desde un lugar incorrecto:
Corta el ejecutable y pegalo en tu escritorio <<< Esto es Muy Importante.
Paso 5:
Vuelves a ejecutar FRST tal como la primera vez que te lo pedí en el Post 6
Nos traes sus dos reportes.
Intenta en Modo Normal y si aun te da problemas en Modo Seguro
Cualquier duda o problema nos consultas.
Salu2
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 30-04-2020
Ejecutado por Pedraza (administrador) sobre PEDRAZA-PC (Dell Inc. Latitude D630) (03-05-2020 21:39:56)
Ejecutado desde C:\Users\Pedraza\Desktop
Perfiles cargados: Pedraza (Perfiles disponibles: Pedraza)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Español (España, internacional)
Internet Explorer Versión 11 (Navegador predeterminado: Chrome)
Modo de Inicio: Safe Mode (with Networking)
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [AVGUI.exe] => "C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe" /gui
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\RunOnce: [AvgRemover] => C:\Windows\system32\avgremoverx.exe /run_number=2 /max_runs=2 /ndis_nextstep=4 /norestart /selfremove
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [27775672 2020-04-27] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\Run: [uTorrent] => C:\Users\Pedraza\AppData\Roaming\uTorrent\updates\3.5.5_45628.exe [2072816 2008-02-28] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\RunOnce: [mb-runtask] => [X]
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\MountPoints2: E - E:\Autorun.exe
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\MountPoints2: G - G:\RunGame.exe
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\MountPoints2: H - H:\RunGame.exe
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\MountPoints2: {9bfb48d0-e43d-11e7-8e5f-001c233e7c8b} - F:\Autorun.exe
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\MountPoints2: {d9857b39-e63b-11e7-8e51-001c233e7c8b} - H:\RunGame.exe
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\MountPoints2: {e7d0555d-e4d3-11e7-890a-001c233e7c8b} - E:\Autorun.exe
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\MountPoints2: {e7d05578-e4d3-11e7-890a-001c233e7c8b} - G:\RunGame.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.186\Installer\chrmstp.exe [2018-02-23] (Google Inc -> Google Inc.)
==================== Tareas programadas (Lista blanca) ============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {0A383F70-723D-4EEC-A95C-92DC5F337546} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1634448849-352997038-3322466404-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2012-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {0B9A18D0-AED5-4D31-A161-3683D1CBCE36} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-16] (Google Inc -> Google Inc.)
Task: {478FF4D3-19D5-45F8-9453-83AA27A96570} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {516C3E37-D303-4C31-BD9E-74DB56539454} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-07-18] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {646B4E5E-0CC5-4E08-9CAE-1B4F234618B3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {6F9BAFE8-B5E3-4E21-B5CF-07AADA272801} - System32\Tasks\avastBCLRestart_chrome.exe => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {753C47AE-EC5E-44B3-95A9-2C8E553F0E39} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => C:\Program Files\Windows Media Player\wmpnscfg.exe
Task: {930DC825-72F9-463C-A6CD-7B78B6177216} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-16] (Google Inc -> Google Inc.)
Task: {95D8BF6C-93ED-4A78-9A7D-8400B1D3FC35} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {ED9CCFF8-4794-44D9-9179-96651745B9D7} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
Task: C:\Windows\Tasks\Adobe Acrobat Update Task.job => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: C:\Windows\Tasks\AdobeAAMUpdater-1.0-Pedraza-PC-Pedraza.job => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\Windows\Tasks\AdobeGCInvoker-1.0-Pedraza-PC-Pedraza.job => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\Pedraza\Desktop\adwcleaner_7.4.1.exe
Task: C:\Windows\Tasks\AVGPCTuneUp_Task_BkGndMaintenance.job => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: C:\Windows\Tasks\CCleaner Update.job => C:\Program Files\CCleaner\CCUpdate.exe
Task: C:\Windows\Tasks\HPCustPartic.exe_{2B87B18C-41DB-43E5-B822-6907397BF58F}.job => C:\Program Files\HP\HP DeskJet 3700 series\Bin\HPCustPartic.exe
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Ningún archivo
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Ningún archivo
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Ningún archivo
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Ningún archivo
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{706D681B-FBF2-4C06-8D84-A624C4453F51}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF Plugin-x32: @ASC/FileLabPlugin;version=1.1.33 -> C:\ProgramData\FileLab\Plugin\Framework\npFlPluginS.dll [2012-02-20] (Ascensio System SIA -> FileLab) [Archivo no firmado]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-05-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-05-28] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR Profile: C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default [2019-10-15]
CHR Extension: (Documentos) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-30]
CHR Extension: (Google Drive) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-30]
CHR Extension: (YouTube) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-30]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-06-05]
CHR Extension: (Hojas de cálculo) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-30]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-05-01]
CHR Extension: (Avast Online Security) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-17]
CHR Extension: (AVG SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2019-09-05]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-04-30]
CHR Extension: (Gmail) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-20]
CHR Profile: C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-10-15]
CHR StartupUrls: Profile 1 -> "hxxps://www.google.com/"
CHR Extension: (AdBlock) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-13]
CHR Extension: (Avast Online Security) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-04-05]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Chrome Media Router) - C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-06]
CHR Profile: C:\Users\Pedraza\AppData\Local\Google\Chrome\User Data\System Profile [2019-10-01]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S2 BitDefenderCOM; C:\Program Files\BDServices\BitDefenderCom.exe [1028096 2016-12-12] (Digital Care Solutions) [Archivo no firmado]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd -> Disc Soft Ltd)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [120416 2018-01-12] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2017-12-18] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtultrascsibus; C:\Windows\System32\DRIVERS\dtultrascsibus.sys [30264 2016-05-19] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtultrausbbus; C:\Windows\System32\DRIVERS\dtultrausbbus.sys [47672 2016-05-19] (Disc Soft Ltd -> Disc Soft Ltd)
S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [416768 2009-06-10] (Microsoft Windows -> Realtek Semiconductor Corporation )
S3 SrvHsfHDA; C:\Windows\System32\DRIVERS\VSTAZL6.SYS [292864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
S3 SrvHsfV92; C:\Windows\System32\DRIVERS\VSTDPV6.SYS [1485312 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
S3 SrvHsfWinac; C:\Windows\System32\DRIVERS\VSTCNXT6.SYS [740864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [213088 2018-01-12] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
U0 aswVmm; no ImagePath
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) ===================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-05-03 21:39 - 2020-05-03 21:41 - 000014459 _____ C:\Users\Pedraza\Desktop\FRST.txt
2020-05-03 21:14 - 2020-05-03 21:14 - 000002352 _____ C:\Users\Pedraza\Desktop\mb-clean-results.txt
2020-05-03 21:08 - 2020-05-03 21:08 - 004146112 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgremoverx.exe
2020-05-03 21:08 - 2020-05-03 21:08 - 000000000 ____D C:\Program Files\AVG
2020-05-03 20:22 - 2020-05-03 20:23 - 000858912 _____ (Malwarebytes) C:\Users\Pedraza\Downloads\mb-clean-3.1.0.1035.exe
2020-05-03 20:21 - 2020-05-03 20:23 - 012638592 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Pedraza\Downloads\avgclear.exe
2020-05-03 20:21 - 2020-05-03 20:23 - 001526784 _____ (Microsoft Corporation) C:\Users\Pedraza\Downloads\BitDefender_Uninstall_Tool_x64.exe
2020-05-02 01:39 - 2020-05-02 01:41 - 000047974 _____ C:\Users\Pedraza\Downloads\Addition.txt
2020-05-02 01:36 - 2020-05-02 01:41 - 000024418 _____ C:\Users\Pedraza\Downloads\FRST.txt
2020-05-02 01:30 - 2020-05-03 21:29 - 000611170 _____ C:\Windows\ntbtlog.txt
2020-05-02 01:26 - 2020-05-03 21:40 - 000000000 ___DC C:\FRST
2020-05-02 01:23 - 2020-05-02 01:23 - 002283520 _____ (Farbar) C:\Users\Pedraza\Desktop\FRST64.exe
2020-05-01 20:11 - 2020-05-01 20:12 - 000000000 ____D C:\Program Files (x86)\GUM9A9C.tmp
2020-05-01 00:44 - 2020-05-01 00:44 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-05-01 00:44 - 2020-05-01 00:44 - 000000822 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-05-01 00:42 - 2020-05-01 00:43 - 025308096 _____ (Piriform Software Ltd) C:\Users\Pedraza\Downloads\ccsetup566.exe
2020-05-01 00:24 - 2020-05-01 00:24 - 000120456 _____ C:\Windows\system32\GDIPFONTCACHEV1.DAT
2020-05-01 00:04 - 2008-02-28 03:55 - 000120456 _____ C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2020-04-30 18:00 - 2020-04-30 18:00 - 000002310 _____ C:\Users\Public\Desktop\Los Sims™ 3 Movida en la facultad.lnk
2020-04-30 18:00 - 2020-04-30 18:00 - 000002310 _____ C:\ProgramData\Desktop\Los Sims™ 3 Movida en la facultad.lnk
2020-04-30 15:53 - 2019-12-30 23:40 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-04-30 15:53 - 2019-12-30 23:32 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-04-30 15:47 - 2020-04-30 15:47 - 000002086 _____ C:\Users\Public\Desktop\Los Sims™ 3.lnk
2020-04-30 15:47 - 2020-04-30 15:47 - 000002086 _____ C:\ProgramData\Desktop\Los Sims™ 3.lnk
2020-04-30 15:07 - 2020-04-30 17:46 - 000000000 ____D C:\Program Files (x86)\Electronic Arts
2020-04-30 12:17 - 2020-05-03 21:35 - 000000718 _____ C:\Users\Pedraza\Desktop\Rkill.txt
2020-04-30 12:16 - 2020-04-30 12:17 - 001943800 _____ (Bleeping Computer, LLC) C:\Users\Pedraza\Desktop\IExplore.exe.exe
2020-04-29 21:56 - 2020-04-29 21:56 - 000000000 ___DC C:\RegBackup
2020-04-29 20:26 - 2020-04-29 20:27 - 001980016 _____ (Malwarebytes) C:\Users\Pedraza\Downloads\MBSetup.exe
2020-04-29 20:16 - 2020-04-29 20:21 - 038869320 _____ (Tweaking.com) C:\Users\Pedraza\Downloads\tweaking.com_windows_repair_aio_setup (1).exe
2020-04-29 20:08 - 2020-04-29 20:09 - 000000000 ____D C:\Program Files (x86)\GUM7EC.tmp
2020-04-29 12:47 - 2020-05-03 19:37 - 000000000 ____D C:\Users\Pedraza\AppData\LocalLow\uTorrent
2020-04-29 00:05 - 2020-04-29 00:06 - 000029019 _____ C:\Users\Pedraza\Downloads\The-Sims-3-[MULTI20]-(Torrent).torrent
2020-04-28 17:48 - 2020-04-28 19:03 - 1749594592 _____ (Acresso Software Inc.) C:\Users\Pedraza\Downloads\TS3_1.67.2.0240xx_update.exe
2020-04-28 13:27 - 2020-04-28 16:03 - 000000000 ____D C:\Users\Pedraza\Downloads\The Sims 3 University Life [MULTI20][PCDVD][Expansion][FLT][WwW.GamesTorrents.CoM]
2020-04-28 13:25 - 2020-04-28 13:25 - 000053153 _____ C:\Users\Pedraza\Downloads\The-Sims-3-University-Life-[MULTI20][Expansion][FLT]-(Torrent).torrent
2020-04-24 16:25 - 2020-04-24 16:25 - 000000326 _____ C:\Windows\Tasks\HPCustPartic.exe_{2B87B18C-41DB-43E5-B822-6907397BF58F}.job
2020-04-24 16:17 - 2020-04-24 16:17 - 000000000 ____D C:\ProgramData\Visan
2020-04-24 16:16 - 2020-04-29 20:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2020-04-24 16:16 - 2016-02-21 08:39 - 000840336 ____N (HP Inc.) C:\Windows\system32\HPDiscoPM0653.dll
2020-04-24 16:15 - 2020-04-24 16:15 - 000000000 ____D C:\Program Files\HP
2020-04-24 16:03 - 2020-04-29 20:11 - 000000000 ____D C:\Program Files (x86)\HP
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-05-03 21:42 - 2019-09-17 12:18 - 003145728 _____ C:\Users\Pedraza\ntuser.man
2020-05-03 21:32 - 2010-11-21 04:09 - 000699572 _____ C:\Windows\system32\perfh00A.dat
2020-05-03 21:32 - 2010-11-21 04:09 - 000141730 _____ C:\Windows\system32\perfc00A.dat
2020-05-03 21:32 - 2009-07-14 02:13 - 001587320 _____ C:\Windows\system32\PerfStringBackup.INI
2020-05-03 21:32 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
2020-05-03 21:14 - 2019-09-17 21:13 - 000000000 ____D C:\Program Files\Malwarebytes
2020-05-03 21:10 - 2016-05-19 20:50 - 000000000 ____D C:\ProgramData\Avg
2020-05-03 20:56 - 2016-05-19 20:51 - 000000000 ____D C:\Program Files (x86)\AVG
2020-05-03 19:49 - 2009-07-14 01:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-05-03 19:49 - 2009-07-14 01:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-05-03 19:37 - 2017-12-21 07:52 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2020-05-01 01:09 - 2015-12-18 02:59 - 001533432 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2020-05-01 00:45 - 2019-10-15 20:44 - 000000300 ____H C:\Windows\Tasks\CCleaner Update.job
2020-04-30 18:00 - 2009-07-14 02:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2020-04-30 12:30 - 2015-06-29 23:09 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-04-29 22:28 - 2009-07-13 23:34 - 000000855 _____ C:\Windows\system32\Drivers\etc\hosts_bak_951
2020-04-29 20:12 - 2017-06-17 15:49 - 000000000 ____D C:\ProgramData\HP
2020-04-29 19:43 - 2016-05-23 16:31 - 000000382 ____C C:\DelFix.txt
2020-04-29 18:33 - 2009-07-13 23:34 - 000000855 _____ C:\Windows\system32\Drivers\etc\hosts_bak_140
2020-04-29 17:47 - 2015-07-12 13:59 - 000000000 ____D C:\Windows\Minidump
2020-04-29 17:31 - 2019-10-01 20:12 - 000000288 _____ C:\Windows\Tasks\AdwCleaner_onReboot.job
2020-04-29 16:59 - 2008-02-28 00:06 - 1716912128 ____R C:\Users\Pedraza\Downloads\rld-sim3.iso
2020-04-29 13:47 - 2009-07-13 23:34 - 000000855 _____ C:\Windows\system32\Drivers\etc\hosts_bak_424
2020-04-28 00:12 - 2019-09-18 17:36 - 000000000 ____D C:\Users\Pedraza\Downloads\Sims 3
2020-04-28 00:02 - 2017-11-21 15:07 - 000000000 ____D C:\Users\Pedraza\Desktop\Diseño Gráfico
==================== Archivos en la raíz de algunos directorios ========
2016-06-02 13:10 - 2019-05-14 19:34 - 000000033 ____R () C:\Users\Pedraza\AppData\Roaming\AdobeWLCMCache.dat
2020-02-22 04:48 - 2020-04-21 16:08 - 000000132 ____R () C:\Users\Pedraza\AppData\Roaming\Prefs. de formato PNG de Adobe CC
2016-01-05 21:00 - 2016-02-21 16:33 - 000009216 ____R () C:\Users\Pedraza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-12 15:01 - 2015-08-12 15:01 - 000000000 ____R () C:\Users\Pedraza\AppData\Local\{124D4E24-BFA9-4A41-A096-B6F6B426E767}
2015-08-14 23:17 - 2015-08-14 23:17 - 000000000 ____R () C:\Users\Pedraza\AppData\Local\{8152E4D6-FFDB-47BF-9AB5-48B81B353353}
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
LastRegBack: 2016-03-11 04:18
==================== Final de FRST.txt ========================
Hola @Jimena_Pedraza
Pudiste hacer todos los pasos anteriores antes de FRST?
Aun no te la permitio ejecutar en Modo Normal?
Colocaste dos veces el mismo reporte: FRST.txt, necesito el reporte de Addition.txt
Salu2
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 30-04-2020
Ejecutado por Pedraza (03-05-2020 21:43:12)
Ejecutado desde C:\Users\Pedraza\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2015-06-30 01:41:09)
Modo de Inicio: Safe Mode (with Networking)
==========================================================
==================== Cuentas: =============================
Administrador (S-1-5-21-1634448849-352997038-3322466404-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-1634448849-352997038-3322466404-1002 - Limited - Enabled)
Invitado (S-1-5-21-1634448849-352997038-3322466404-501 - Limited - Disabled)
Pedraza (S-1-5-21-1634448849-352997038-3322466404-1000 - Administrator - Enabled) => C:\Users\Pedraza
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\uTorrent) (Version: 3.5.5.45341 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 26 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 5.66 - Piriform)
Corel Shell Extension - 64Bit (HKLM\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF011}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 12 (HKLM-x32\...\{505AFDC0-5E72-4928-8368-5DEA385E3647}) (Version: 12.0.0.458 - Corel Corporation)
CorelDRAW Graphics Suite X4 - Capture (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF012}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Content (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF016}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Draw (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF013}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Filters (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF017}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - FontNav (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF019}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics SUite X4 - ICA (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF010}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - IPM (HKLM-x32\...\{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang ES (HKLM-x32\...\{D2827848-7D2A-4547-9AD1-C965FB3E6344}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - PP (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF014}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - VBA (HKLM-x32\...\{BF439B41-0252-48DE-8B8B-0430CB26A181}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 (HKLM-x32\...\{44A27085-0616-4181-A0C3-81C7ECA17F73}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (HKLM-x32\...\_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}) (Version: - Corel Corporation)
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (HKLM-x32\...\{CE2DA11A-917F-4CF5-AB55-755EC115DD10}) (Version: 1.0 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 (HKLM-x32\...\_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}) (Version: - Corel Corporation)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
Estudio para la mejora del producto HP DeskJet 3700 series (HKLM\...\{98C57830-7924-4B6E-BA66-DDA606052B42}) (Version: 40.1.1032.61591 - HP Inc.)
FileLab Plugin 1.1.33 (HKLM-x32\...\{6AC5F630-9453-433D-90FF-BB3A8E4F8960}) (Version: 1.1.33 - FileLab)
Flash Movie Player 1.5 (HKLM-x32\...\Flash Movie Player) (Version: 1.5 - Eolsoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.186 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
HP DeskJet 3700 series Software básico del dispositivo (HKLM\...\{18791BF1-4D0C-449A-90D0-89DCFD4EE256}) (Version: 40.1.1032.61591 - HP Inc.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Los Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.50.56 - Electronic Arts)
Los Sims™ 3 Movida en la facultad (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.8 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version: - Microsoft)
Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version: - Microsoft)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version: - Microsoft)
Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version: - Microsoft)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.)
The Sims 2 Ultimate Collection versión 1.17.0.66 (HKLM-x32\...\The Sims 2 Ultimate Collection_is1) (Version: 1.17.0.66 - EA Games)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ningún archivo
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ningún archivo
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ningún archivo
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-02-24] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Lista blanca) ====================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [Archivo no firmado]
HKLM\...\Drivers32: [vidc.tscc] => C:\Windows\SysWOW64\tsccvid.dll [411480 2010-03-04] (TechSmith Corporation -> TechSmith Corporation)
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
==================== Accesos directos & WMI ========================
==================== Módulos cargados (Lista blanca) =============
==================== Alternate Data Streams (Lista blanca) ========
==================== Modo Seguro (Lista blanca) ==================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
==================== Asociación (Lista blanca) =================
==================== Internet Explorer sitios de confianza/restringidos ==========
==================== Hosts contenido: =========================
(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)
2009-07-13 23:34 - 2008-02-28 00:38 - 000000855 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Otras Áreas ===========================
(Actualmente no existe una corrección automática para esta sección.)
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Pedraza\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==
(Si una entrada es incluida en el fixlist, será eliminada.)
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\startupreg: uTorrent => "C:\Users\Pedraza\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
==================== Reglas de firewall (Lista blanca) ================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
FirewallRules: [TCP Query User{4E299A70-2655-4F79-9B8D-2083A5FDEAC6}C:\program files (x86)\microsoft office\office12\groove.exe] => (Block) C:\program files (x86)\microsoft office\office12\groove.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{F9538EF1-1E86-4120-8FFD-F07F7E93CB50}C:\program files (x86)\microsoft office\office12\groove.exe] => (Block) C:\program files (x86)\microsoft office\office12\groove.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Puntos de Restauración =========================
30-04-2020 17:24:37 Instalado The Sims 3
30-04-2020 17:44:23 Instalado TheSims3EP9
01-05-2020 01:00:21 Windows Update
01-05-2020 13:23:11 Windows Update
==================== Dispositivos defectuosos en el Administrador de dispositivos ============
Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Controladora de host USB estándar)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.
Name: Adaptador ISATAP de Microsoft
Description: Adaptador ISATAP de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Adaptador ISATAP de Microsoft #2
Description: Adaptador ISATAP de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Errores del registro de eventos: ========================
No se pudo iniciar el servicio de registro de eventos, no se pudieron leer los eventos.
El servicio de Registro de eventos de Windows est� inici�ndose.
El servicio de Registro de eventos de Windows no ha podido iniciarse.
Error de sistema.
Error de sistema 1899.
No se pudo crear la entrada de la base de datos del asignador de extremo.
==================== Información de la memoria ===========================
BIOS: Dell Inc. A08 02/28/2008
Placa base: Dell Inc. 0KU184
Procesador: Intel(R) Core(TM)2 Duo CPU T7500 @ 2.20GHz
Porcentaje de memoria en uso: 85%
RAM física total: 2037.97 MB
RAM física disponible: 293.26 MB
Virtual total: 4075.95 MB
Virtual disponible: 2361.08 MB
==================== Unidades ================================
Drive c: () (Fixed) (Total:148.95 GB) (Free:14.69 GB) NTFS
Drive d: (Sims3EP09) (CDROM) (Total:3.31 GB) (Free:0 GB) CDFS
\\?\Volume{e660c6c5-1ec6-11e5-8bc8-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Tabla de particiones ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: BC5B9E56)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)
==================== Final de Addition.txt =======================
Hola @SanMar acá está el reporte que faltaba. Pude hacer todos los pasos anteriores en modo seguro, recién ingreso al modo normal
Hola @Jimena_Pedraza
Con mucha atención sigue estos pasos:
1.- Muy Importante >>> Realizar nuevamente una copia de Seguridad de su Registro.
Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…
Luego ve a::
2.- Inicio >>> Ejecutar >>> Escribe notepad.exe o abra un nuevo archivo Notepad y copie y pegue lo siguiente:
Start
CloseProcesses:
HKLM\...\Run: [AVGUI.exe] => "C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe" /gui
HKLM-x32\...\RunOnce: [AvgRemover] => C:\Windows\system32\avgremoverx.exe /run_number=2 /max_runs=2 /ndis_nextstep=4 /norestart /selfremove
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\RunOnce: [mb-runtask] => [X]
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\MountPoints2: E - E:\Autorun.exe
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\MountPoints2: G - G:\RunGame.exe
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\MountPoints2: H - H:\RunGame.exe
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\MountPoints2: {9bfb48d0-e43d-11e7-8e5f-001c233e7c8b} - F:\Autorun.exe
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\MountPoints2: {d9857b39-e63b-11e7-8e51-001c233e7c8b} - H:\RunGame.exe
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\MountPoints2: {e7d0555d-e4d3-11e7-890a-001c233e7c8b} - E:\Autorun.exe
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\MountPoints2: {e7d05578-e4d3-11e7-890a-001c233e7c8b} - G:\RunGame.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.186\Installer\chrmstp.exe [2018-02-23] (Google Inc -> Google Inc.)
Task: {478FF4D3-19D5-45F8-9453-83AA27A96570} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {6F9BAFE8-B5E3-4E21-B5CF-07AADA272801} - System32\Tasks\avastBCLRestart_chrome.exe => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {95D8BF6C-93ED-4A78-9A7D-8400B1D3FC35} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\Pedraza\Desktop\adwcleaner_7.4.1.exe
Task: C:\Windows\Tasks\AVGPCTuneUp_Task_BkGndMaintenance.job => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Ningún archivo
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Ningún archivo
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Ningún archivo
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Ningún archivo
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
S2 BitDefenderCOM; C:\Program Files\BDServices\BitDefenderCom.exe [1028096 2016-12-12] (Digital Care Solutions) [Archivo no firmado]
U0 aswVmm; no ImagePath
2020-05-03 21:14 - 2020-05-03 21:14 - 000002352 _____ C:\Users\Pedraza\Desktop\mb-clean-results.txt
2020-05-03 21:08 - 2020-05-03 21:08 - 004146112 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgremoverx.exe
2020-05-03 21:08 - 2020-05-03 21:08 - 000000000 ____D C:\Program Files\AVG
2020-05-03 20:22 - 2020-05-03 20:23 - 000858912 _____ (Malwarebytes) C:\Users\Pedraza\Downloads\mb-clean-3.1.0.1035.exe
2020-05-03 20:21 - 2020-05-03 20:23 - 012638592 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Pedraza\Downloads\avgclear.exe
2020-05-03 20:21 - 2020-05-03 20:23 - 001526784 _____ (Microsoft Corporation) C:\Users\Pedraza\Downloads\BitDefender_Uninstall_Tool_x64.exe
2020-05-01 20:11 - 2020-05-01 20:12 - 000000000 ____D C:\Program Files (x86)\GUM9A9C.tmp
2020-04-29 20:26 - 2020-04-29 20:27 - 001980016 _____ (Malwarebytes) C:\Users\Pedraza\Downloads\MBSetup.exe
2020-04-29 20:16 - 2020-04-29 20:21 - 038869320 _____ (Tweaking.com) C:\Users\Pedraza\Downloads\tweaking.com_windows_repair_aio_setup (1).exe
2020-04-29 20:08 - 2020-04-29 20:09 - 000000000 ____D C:\Program Files (x86)\GUM7EC.tmp
2020-04-30 12:16 - 2020-04-30 12:17 - 001943800 _____ (Bleeping Computer, LLC) C:\Users\Pedraza\Desktop\IExplore.exe.exe
2020-05-03 21:14 - 2019-09-17 21:13 - 000000000 ____D C:\Program Files\Malwarebytes
2020-05-03 21:10 - 2016-05-19 20:50 - 000000000 ____D C:\ProgramData\Avg
2020-05-03 20:56 - 2016-05-19 20:51 - 000000000 ____D C:\Program Files (x86)\AVG
2020-04-29 17:31 - 2019-10-01 20:12 - 000000288 _____ C:\Windows\Tasks\AdwCleaner_onReboot.job
2016-01-05 21:00 - 2016-02-21 16:33 - 000009216 ____R () C:\Users\Pedraza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-12 15:01 - 2015-08-12 15:01 - 000000000 ____R () C:\Users\Pedraza\AppData\Local\{124D4E24-BFA9-4A41-A096-B6F6B426E767}
2015-08-14 23:17 - 2015-08-14 23:17 - 000000000 ____R () C:\Users\Pedraza\AppData\Local\{8152E4D6-FFDB-47BF-9AB5-48B81B353353}
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ningún archivo
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ningún archivo
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ningún archivo
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> Ningún archivo
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
C:\Program Files\Common Files\AV
C:\Program Files\AVAST Software
C:\Program Files\BDServices
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
Nota: Es necesario que el ejecutable Frst.exe/Frst64.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajará.
3.- Inicie su ordenador en >>> Modo Seguro >>> Aplicable a Windows 10. o Windows 7.
Nos comentas como sientes el equipo.
Salu2
Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 03-05-2020
Ejecutado por Pedraza (04-05-2020 01:01:43) Run:1
Ejecutado desde C:\Users\Pedraza\Desktop
Perfiles cargados: Pedraza (Perfiles disponibles: Pedraza)
Modo de Inicio: Safe Mode (with Networking)
==============================================
fixlist contenido:
*****************
Start
CloseProcesses:
HKLM\...\Run: [AVGUI.exe] => "C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe" /gui
HKLM-x32\...\RunOnce: [AvgRemover] => C:\Windows\system32\avgremoverx.exe /run_number=2 /max_runs=2 /ndis_nextstep=4 /norestart /selfremove
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricci�n <==== ATENCI�N
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\RunOnce: [mb-runtask] => [X]
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\MountPoints2: E - E:\Autorun.exe
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\MountPoints2: G - G:\RunGame.exe
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\MountPoints2: H - H:\RunGame.exe
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\MountPoints2: {9bfb48d0-e43d-11e7-8e5f-001c233e7c8b} - F:\Autorun.exe
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\MountPoints2: {d9857b39-e63b-11e7-8e51-001c233e7c8b} - H:\RunGame.exe
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\MountPoints2: {e7d0555d-e4d3-11e7-890a-001c233e7c8b} - E:\Autorun.exe
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\...\MountPoints2: {e7d05578-e4d3-11e7-890a-001c233e7c8b} - G:\RunGame.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.186\Installer\chrmstp.exe [2018-02-23] (Google Inc -> Google Inc.)
Task: {478FF4D3-19D5-45F8-9453-83AA27A96570} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {6F9BAFE8-B5E3-4E21-B5CF-07AADA272801} - System32\Tasks\avastBCLRestart_chrome.exe => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {95D8BF6C-93ED-4A78-9A7D-8400B1D3FC35} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\Pedraza\Desktop\adwcleaner_7.4.1.exe
Task: C:\Windows\Tasks\AVGPCTuneUp_Task_BkGndMaintenance.job => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Ning�n archivo
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Ning�n archivo
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Ning�n archivo
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Ning�n archivo
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
S2 BitDefenderCOM; C:\Program Files\BDServices\BitDefenderCom.exe [1028096 2016-12-12] (Digital Care Solutions) [Archivo no firmado]
U0 aswVmm; no ImagePath
2020-05-03 21:14 - 2020-05-03 21:14 - 000002352 _____ C:\Users\Pedraza\Desktop\mb-clean-results.txt
2020-05-03 21:08 - 2020-05-03 21:08 - 004146112 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgremoverx.exe
2020-05-03 21:08 - 2020-05-03 21:08 - 000000000 ____D C:\Program Files\AVG
2020-05-03 20:22 - 2020-05-03 20:23 - 000858912 _____ (Malwarebytes) C:\Users\Pedraza\Downloads\mb-clean-3.1.0.1035.exe
2020-05-03 20:21 - 2020-05-03 20:23 - 012638592 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Pedraza\Downloads\avgclear.exe
2020-05-03 20:21 - 2020-05-03 20:23 - 001526784 _____ (Microsoft Corporation) C:\Users\Pedraza\Downloads\BitDefender_Uninstall_Tool_x64.exe
2020-05-01 20:11 - 2020-05-01 20:12 - 000000000 ____D C:\Program Files (x86)\GUM9A9C.tmp
2020-04-29 20:26 - 2020-04-29 20:27 - 001980016 _____ (Malwarebytes) C:\Users\Pedraza\Downloads\MBSetup.exe
2020-04-29 20:16 - 2020-04-29 20:21 - 038869320 _____ (Tweaking.com) C:\Users\Pedraza\Downloads\tweaking.com_windows_repair_aio_setup (1).exe
2020-04-29 20:08 - 2020-04-29 20:09 - 000000000 ____D C:\Program Files (x86)\GUM7EC.tmp
2020-04-30 12:16 - 2020-04-30 12:17 - 001943800 _____ (Bleeping Computer, LLC) C:\Users\Pedraza\Desktop\IExplore.exe.exe
2020-05-03 21:14 - 2019-09-17 21:13 - 000000000 ____D C:\Program Files\Malwarebytes
2020-05-03 21:10 - 2016-05-19 20:50 - 000000000 ____D C:\ProgramData\Avg
2020-05-03 20:56 - 2016-05-19 20:51 - 000000000 ____D C:\Program Files (x86)\AVG
2020-04-29 17:31 - 2019-10-01 20:12 - 000000288 _____ C:\Windows\Tasks\AdwCleaner_onReboot.job
2016-01-05 21:00 - 2016-02-21 16:33 - 000009216 ____R () C:\Users\Pedraza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-12 15:01 - 2015-08-12 15:01 - 000000000 ____R () C:\Users\Pedraza\AppData\Local\{124D4E24-BFA9-4A41-A096-B6F6B426E767}
2015-08-14 23:17 - 2015-08-14 23:17 - 000000000 ____R () C:\Users\Pedraza\AppData\Local\{8152E4D6-FFDB-47BF-9AB5-48B81B353353}
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ning�n archivo
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ning�n archivo
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ning�n archivo
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> Ning�n archivo
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
C:\Program Files\Common Files\AV
C:\Program Files\AVAST Software
C:\Program Files\BDServices
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************
Procesos cerrados correctamente.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AVGUI.exe" => eliminado correctamente
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\AvgRemover" => no encontrado
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => eliminado correctamente
"HKU\S-1-5-21-1634448849-352997038-3322466404-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mb-runtask" => no encontrado
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E => eliminado correctamente
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F => eliminado correctamente
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G => eliminado correctamente
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H => eliminado correctamente
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9bfb48d0-e43d-11e7-8e5f-001c233e7c8b} => eliminado correctamente
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d9857b39-e63b-11e7-8e51-001c233e7c8b} => eliminado correctamente
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e7d0555d-e4d3-11e7-890a-001c233e7c8b} => eliminado correctamente
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e7d05578-e4d3-11e7-890a-001c233e7c8b} => eliminado correctamente
HKLM\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => eliminado correctamente
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{478FF4D3-19D5-45F8-9453-83AA27A96570} => eliminado correctamente
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{478FF4D3-19D5-45F8-9453-83AA27A96570} => eliminado correctamente
C:\Windows\System32\Tasks\AVAST Software\Avast settings backup => movido correctamente
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Avast settings backup => eliminado correctamente
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F9BAFE8-B5E3-4E21-B5CF-07AADA272801} => eliminado correctamente
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F9BAFE8-B5E3-4E21-B5CF-07AADA272801} => eliminado correctamente
C:\Windows\System32\Tasks\avastBCLRestart_chrome.exe => movido correctamente
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avastBCLRestart_chrome.exe => eliminado correctamente
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{95D8BF6C-93ED-4A78-9A7D-8400B1D3FC35} => eliminado correctamente
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95D8BF6C-93ED-4A78-9A7D-8400B1D3FC35} => eliminado correctamente
C:\Windows\System32\Tasks\avast! Emergency Update => movido correctamente
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avast! Emergency Update => eliminado correctamente
C:\Windows\Tasks\AdwCleaner_onReboot.job => movido correctamente
C:\Windows\Tasks\AVGPCTuneUp_Task_BkGndMaintenance.job => movido correctamente
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000008 => eliminado correctamente
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000009 => eliminado correctamente
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000008 => eliminado correctamente
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000009 => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => valor restaurado correctamente
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => valor restaurado correctamente
HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000} => eliminado correctamente
"HKLM\Software\Wow6432Node\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}" => eliminado correctamente
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\"Default"="C:\Program Files\Internet Explorer\iexplore.exe" => valor restaurado correctamente
HKLM\System\CurrentControlSet\Services\BitDefenderCOM => eliminado correctamente
BitDefenderCOM => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\aswVmm => eliminado correctamente
aswVmm => servicio eliminado correctamente
C:\Users\Pedraza\Desktop\mb-clean-results.txt => movido correctamente
C:\Windows\system32\avgremoverx.exe => movido correctamente
C:\Program Files\AVG => movido correctamente
C:\Users\Pedraza\Downloads\mb-clean-3.1.0.1035.exe => movido correctamente
C:\Users\Pedraza\Downloads\avgclear.exe => movido correctamente
C:\Users\Pedraza\Downloads\BitDefender_Uninstall_Tool_x64.exe => movido correctamente
C:\Program Files (x86)\GUM9A9C.tmp => movido correctamente
C:\Users\Pedraza\Downloads\MBSetup.exe => movido correctamente
"C:\Users\Pedraza\Downloads\tweaking.com_windows_repair_aio_setup (1).exe" => no encontrado
C:\Program Files (x86)\GUM7EC.tmp => movido correctamente
C:\Users\Pedraza\Desktop\IExplore.exe.exe => movido correctamente
C:\Program Files\Malwarebytes => movido correctamente
C:\ProgramData\Avg => movido correctamente
C:\Program Files (x86)\AVG => movido correctamente
"C:\Windows\Tasks\AdwCleaner_onReboot.job" => no encontrado
C:\Users\Pedraza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => movido correctamente
C:\Users\Pedraza\AppData\Local\{124D4E24-BFA9-4A41-A096-B6F6B426E767} => movido correctamente
C:\Users\Pedraza\AppData\Local\{8152E4D6-FFDB-47BF-9AB5-48B81B353353} => movido correctamente
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => eliminado correctamente
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => eliminado correctamente
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avast => eliminado correctamente
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\MSSE => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\BFE => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\BITS => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\dps => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\\"Default"="" => valor restaurado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\\"AlternateShell"="cmd.exe" => valor restaurado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\vss => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\WSService => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\BITS => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\camsvc => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\dps => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\lfsvc => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\msiserver => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\SamSs => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\srv => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\srv2 => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\srvnet => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\\"Default"="" => valor restaurado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\\"AlternateShell"="cmd.exe" => valor restaurado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\vss => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\WSService => eliminado correctamente
"C:\Program Files\Common Files\AV" => no encontrado
"C:\Program Files\AVAST Software" => no encontrado
C:\Program Files\BDServices => movido correctamente
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
========= Final de CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
No se puede realizar ninguna operaci¢n en Conexi¢n de rea local mientras los medios
est‚n desconectados.
Adaptador de Ethernet Conexi¢n de rea local:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica:
Sufijo DNS espec¡fico para la conexi¢n. . : home
Direcci¢n IPv6 . . . . . . . . . . : fdb9:5a12:aa48:1:30a2:19fb:47eb:fcc3
Direcci¢n IPv6 temporal. . . . . . : fdb9:5a12:aa48:1:f9f2:b8f9:7d0c:7ad5
V¡nculo: direcci¢n IPv6 local. . . : fe80::30a2:19fb:47eb:fcc3%11
Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.39
M scara de subred . . . . . . . . . . . . : 0.0.0.0
Puerta de enlace predeterminada . . . . . : 192.168.1.1
Adaptador de t£nel isatap.home:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
Adaptador de t£nel isatap.{611E4EA4-90E0-43ED-8579-4548115BAB09}:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
========= Final de CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
Unable to connect to BITS - 0x8007042c
========= Final de CMD: =========
========= netsh winsock reset =========
La funci¢n de inicializaci¢n InitHelperDll en NSHHTTP.DLL no pudo iniciar, c¢digo de error
11003
La siguiente DLL de ayuda no se puede cargar: FWCFG.DLL.
La siguiente DLL de ayuda no se puede cargar: AUTHFWCFG.DLL.
La siguiente DLL de ayuda no se puede cargar: NSHIPSEC.DLL.
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= Final de CMD: =========
========= netsh advfirewall reset =========
La funci¢n de inicializaci¢n InitHelperDll en NSHHTTP.DLL no pudo iniciar, c¢digo de error
11003
La siguiente DLL de ayuda no se puede cargar: FWCFG.DLL.
La siguiente DLL de ayuda no se puede cargar: AUTHFWCFG.DLL.
La siguiente DLL de ayuda no se puede cargar: NSHIPSEC.DLL.
No se encuentra el comando: advfirewall reset
========= Final de CMD: =========
========= netsh advfirewall set allprofiles state ON =========
La funci¢n de inicializaci¢n InitHelperDll en NSHHTTP.DLL no pudo iniciar, c¢digo de error
11003
La siguiente DLL de ayuda no se puede cargar: FWCFG.DLL.
La siguiente DLL de ayuda no se puede cargar: AUTHFWCFG.DLL.
La siguiente DLL de ayuda no se puede cargar: NSHIPSEC.DLL.
No se encuentra el comando: advfirewall set allprofiles state ON
========= Final de CMD: =========
========= netsh int ipv4 reset =========
La funci¢n de inicializaci¢n InitHelperDll en NSHHTTP.DLL no pudo iniciar, c¢digo de error
11003
La siguiente DLL de ayuda no se puede cargar: FWCFG.DLL.
La siguiente DLL de ayuda no se puede cargar: AUTHFWCFG.DLL.
La siguiente DLL de ayuda no se puede cargar: NSHIPSEC.DLL.
Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= Final de CMD: =========
========= netsh int ipv6 reset =========
La funci¢n de inicializaci¢n InitHelperDll en NSHHTTP.DLL no pudo iniciar, c¢digo de error
11003
La siguiente DLL de ayuda no se puede cargar: FWCFG.DLL.
La siguiente DLL de ayuda no se puede cargar: AUTHFWCFG.DLL.
La siguiente DLL de ayuda no se puede cargar: NSHIPSEC.DLL.
No hay valores configurados por el usuario para restablecer.
========= Final de CMD: =========
========= RemoveProxy: =========
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => eliminado correctamente
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer => eliminado correctamente
HKU\S-1-5-21-1634448849-352997038-3322466404-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-1634448849-352997038-3322466404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1634448849-352997038-3322466404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
========= Final de RemoveProxy: =========
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.
=========== EmptyTemp: ==========
BITS transfer queue => 20971520 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4290390 B
Java, Flash, Steam htmlcache => 492 B
Windows/system/drivers => 703335641 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 128 B
NetworkService => 128 B
Pedraza => 758557 B
RecycleBin => 7052852267 B
EmptyTemp: => 7.2 GB datos temporales eliminados.
================================
El sistema necesita reiniciarse.
==== Final de Fixlog 01:03:06 ====
Dejo el ultimo reporte!. Algo que me surgió es que el programa de Photoshop CC cambio su aspecto e idioma, tiene que ver con esto?
Hola @Jimena_Pedraza
He revisado nuevamente el Script pero no tocamos nada relacionado a Photoshop.
Nos restaría que intentes en Modo Normal instalar Malwarebytes y de paso ejecutarlo.
Realizas un Análisis Personalizado enviando a Cuarentena todo lo que te detecte.
Luego de reiniciar, buscas su Informe de Análisis
Y lo pegas en tu próxima respuesta.
Cualquier problema o error nos tomas una imagen.
Salu2
Ok, entonces es un tema aparte entonces
Lo descargué, pero sigue igual
Hola @Jimena_Pedraza
Prueba con este >> Instalador Fuera de Linea de Malwarebytes.
No utilices VPN ni Proxy y desactiva el Firewall si lo tuvieras activado.
Nos comentas.
Salu2
Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 5/5/20
Hora del análisis: 12:47
Archivo de registro: acf86c22-8ee7-11ea-ab64-001c233e7c8b.json
-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.889
Versión del paquete de actualización: 1.0.23458
Licencia: Prueba
-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: Pedraza-PC\Pedraza
-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 235924
Amenazas detectadas: 2
Amenazas en cuarentena: 0
Tiempo transcurrido: 29 min, 4 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 0
(No hay elementos maliciosos detectados)
Valor del registro: 0
(No hay elementos maliciosos detectados)
Datos del registro: 0
(No hay elementos maliciosos detectados)
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 0
(No hay elementos maliciosos detectados)
Archivo: 2
Adware.Elex.ShrtCln, C:\USERS\PEDRAZA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sin acciones por parte del usuario, 295, 454748, , , ,
Adware.Elex.ShrtCln, C:\USERS\PEDRAZA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sin acciones por parte del usuario, 295, 454748, 1.0.23458, , ame,
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)
Hola @SanMar, lo pude instalar!!, te dejé un reporte con las amenazas detectadas, las puse en cuarentena
Hola @Jimena_Pedraza
Bien…
Ahora siguiendo los pasos del Manual que te deje realiza un Análisis Personalizado. seleccionando todas tus Unidades.
Es necesario que tomes el reporte luego de enviar todo a cuarentena y reiniciar.
Esto demorara un poco mas de tiempo.
Salu2